主页
产品
Red Hat Advanced Cluster Management for Kubernetes
2.4
监管
2.6.8.2. 从控制台创建 gatekeeper 策略

2.6.8.2. 从控制台创建 gatekeeper 策略

通过从控制台创建 gatekeeper 策略来安装 gatekeeper 策略。

登录到集群后，进入 Governance 页面。

选择 Create policy。在填写表单时，从 Specifications 项中选择 GatekeeperOperator。策略的参数值会自动填充，策略默认设置为 inform。将补救操作设置为 enforce 来安装 gatekeeper。请参阅 policy-gatekeeper-operator.yaml 查看示例。

+ 注：考虑可由 Operator 生成默认值。如需了解可用于 gatekeeper operator 策略的可选参数的说明，请参阅 Gatekeeper Helm Chart。

2.6.8.2.1. Gatekeeper operator CR
复制链接

apiVersion: operator.gatekeeper.sh/v1alpha1
kind: Gatekeeper
metadata:
  name: gatekeeper
spec:
  audit:
    replicas: 1
    logLevel: DEBUG
    auditInterval: 10s
    constraintViolationLimit: 55
    auditFromCache: Enabled
    auditChunkSize: 66
    emitAuditEvents: Enabled
    resources:
      limits:
        cpu: 500m
        memory: 150Mi
      requests:
        cpu: 500m
        memory: 130Mi
  validatingWebhook: Enabled
  webhook:
    replicas: 2
    logLevel: ERROR
    emitAdmissionEvents: Enabled
    failurePolicy: Fail
    resources:
      limits:
        cpu: 480m
        memory: 140Mi
      requests:
        cpu: 400m
        memory: 120Mi
  nodeSelector:
    region: "EMEA"
  affinity:
    podAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        - labelSelector:
            matchLabels:
              auditKey: "auditValue"
          topologyKey: topology.kubernetes.io/zone
  tolerations:
    - key: "Example"
      operator: "Exists"
      effect: "NoSchedule"
  podAnnotations:
    some-annotation: "this is a test"
    other-annotation: "another test"

2.6.8.2. 从控制台创建 gatekeeper 策略

2.6.8.2.1. Gatekeeper operator CR
复制链接

学习

尝试、购买和销售

社区

關於紅帽

让开源更具包容性

关于红帽文档

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

2.6.8.2. 从控制台创建 gatekeeper 策略

2.6.8.2.1. Gatekeeper operator CR复制链接链接已复制到粘贴板!

学习

尝试、购买和销售

社区

關於紅帽

让开源更具包容性

关于红帽文档

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

2.6.8.2.1. Gatekeeper operator CR
复制链接